[rsbac] AUTH module - suid root needed ?

Kim Scholte rsbac@rsbac.org
Thu Apr 11 03:01:03 2002


I was wondering if an executable has to be set suid root to permit user
changes? I tried to change the su program to root.root and perm 0755, with
AUTH May Setuid turned on, which gives the following error:
    su: cannot set groups: Operation not permitted

So it seems it can not change groups, or maybe I overlooked something?

The reason I checked this is because I want to make a ftp user, called ftp
of the group daemons, which then runs the proftpd program without any need
for root access.